krypted.com

Tiny Deathstars of Foulness

One of the options thats a tad bit hidden in OS X is the Secure Erase option, which runs a multi-pass erase on a volume. Additionally, there’s no option to Secure Erase free space on a volume. But you can still securely erase whatever you’d like (other than you boot volume obviously), when needed. To do so, use the diskutil command along with the secureErase option. Screen Shot 2016-01-07 at 7.44.07 AM The format of the command to secureErase freespace is:
diskutil secureErase freespace [level] [device]
The levels are as follows (per the man page as not all of these are specified in Disk Utility):
  1. Single-pass zero-fill erase
  2. Single-pass random-fill erase
  3. US DoD 7-pass secure erase
  4. Gutmann algorithm 35-pass secure erase
  5. US DoE algorithm 3-pass secure erase
So for example, let’s say you had a volume called Seldon and you wanted to do a standard Single-pass zero-fill erase. In this example you would use the following:
diskutil secureErase freespace 0 /Volumes/Seldon
If you were to automate the command then you would want to dump the output into a log file. For example:
diskutil secureErase freespace 0 /Volumes/Seldon > /var/log/secureeraselog.tmp
You can also secureErase a volume itself. To erase a volume called /Volumes/Seldon, use the same structure of the command, but this time without the freespace option: diskutil secureErase 0 /Volumes/Seldon The latest update to Disk Utility removes a lot of options from the GUI, but overall, I have yet to find a scenario where a task I need to perform isn’t still available, if only from the command line.

January 7th, 2016

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , , ,

The Cipher tool can overwrite deleted data in much the same way the Secure Empty Trash or Secure Erase options work in OS X. To do so, use the cipher command along with the /w switch while all programs on the system are quit. Then, from a command prompt use the /w switch followed by : and then the path to the location you’d like to overwrite. For example, if you deleted a folder from the c:/MYAPPDATA folder, you would use the following to remove data not allocated to files or folders: cipher /w c:/MYAPPDATA Note: The cipher command permanently removes data and so takes awhile according to the amount of data you’re overwriting.

September 16th, 2013

Posted In: Windows Server

Tags: , , , , ,